It is currently Wed Aug 23, 2017 8:27 pm

All times are UTC [ DST ]




Post new topic Reply to topic  [ 1 post ] 
Author Message
 Post subject: Improved L2TP support for Wireshark
PostPosted: Tue Sep 11, 2012 5:43 pm 
Site Admin

Joined: Sun Jul 27, 2008 1:39 pm
Posts: 122
We've contributed several enhancements to Wireshark's L2TP support:-

  • Automatic UDP ephemeral port tracking of L2TP connection establishment. When ephemeral UDP ports are used, it is no longer necessary to select UDP packets and use "Decode As -> L2TP".
  • Auto-detection of L2TPv3 L2SpecificHeader, Cookie and PseudowireType session parameters during session establishment. This means that Wireshark no longer requires user intervention to correctly decode the content of data carried in L2TPv3 sessions.
  • L2TPv3 MD5 and SHA1 Message Digest checking.
  • L2TPv3 Control Message Authentication checking.

If the session setup control message exchange is not available in the capture, the user can manually tell Wireshark the session parameters (PseudowireType, Cookie, etc) to allow Wireshark to disect the L2TP data packets.

The L2TPv3 Message Digest and Authentication checking feature lets users enter the L2TP shared secret by clicking on a packet in the conversation, then in the lower (middle) pane, right click on "> Layer 2 Tunneling Protocol version 3", then select "Protocol Preferences", then click on "Shared Secret". Wireshark will then highlight any packet in the conversation that it thinks has the wrong digest.

At this time, there is no official release with this support so you will need to build it from source to try it out. You can obtain the latest Wireshark source code from their anonymous svn repository at: http://anonsvn.wireshark.org/wireshark/trunk. Any version from r44879 has the above features. So please check it out and let us know what you think.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 

All times are UTC [ DST ]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group